Is it possible to update the built-in OpenSSH Client in Windows 10?

windows-10 ssh powershell openssh

This page gives the steps to follow using Powershell to install the latest packages.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$url = 'https://github.com/PowerShell/Win32-OpenSSH/releases/latest/'
$request = [System.Net.WebRequest]::Create($url)
$request.AllowAutoRedirect=$false
$response=$request.GetResponse()
$([String]$response.GetResponseHeader("Location")).Replace('tag','download') + '/OpenSSH-Win64.zip'  
$([String]$response.GetResponseHeader("Location")).Replace('tag','download') + '/OpenSSH-Win32.zip'

If you use Chocolatey, then type the following in the command prompt as shown here:

choco upgrade openssh

The answer to overwrite the files works:

Download the latest and update them in C:\Windows\System32.

However, this is easier said than done due to how Windows restricts permissions to modify/write files in System32. Running PowerShell as Administrator was not sufficient to modify files. I had to change ownership and add full control permissions to get it done as follows:

# Download upstream bins
$url = 'https://github.com/PowerShell/Win32-OpenSSH/releases/latest/'
$request = [System.Net.WebRequest]::Create($url)
$request.AllowAutoRedirect=$false
$response=$request.GetResponse()
$source = $([String]$response.GetResponseHeader("Location")).Replace('tag','download') + '/OpenSSH-Win64.zip'
(New-Object System.Net.WebClient).DownloadFile($source, 'OpenSSH-Win64.zip')



# Overwrite windows installed bins
$openSshBins = (Get-ChildItem 'C:\WINDOWS\System32\OpenSSH\').Name
Expand-Archive -Path .\OpenSSH-Win64.zip -DestinationPath .
takeown.exe /a /r /f C:\Windows\System32\OpenSSH\
icacls.exe 'C:\Windows\System32\OpenSSH' /grant 'BUILTIN\Administrators:(OI)(CI)F'
icacls.exe 'C:\Windows\System32\OpenSSH' /grant 'BUILTIN\Administrators:F' /t
Stop-Service ssh-agent
$openSshBins | %{ Copy-Item -Path .\OpenSSH-Win64\$_ -Destination C:\Windows\System32\OpenSSH\ }
Start-Service ssh-agent

Note, to auotmate the download, you need to permit redirects.


The binaries are now on GitHub. Download the latest and update them in C:\Windows\System32.

Related

gpg: signing failed: No pinentry
How Do I Map a Drive Network Share Using the Linux Terminal?
GRUB: how find partition number (hd0,x)?
How to connect to memcached from another machine
Man pages for Git Bash on Windows 7
OS X: How to avoid having to re-connect to network share after NAS was turned off?
Same WIRELESS mouse + keyboard (Logitech Unifying) for two different computers?
How to: Database Model in Visio 2013
How to run Linux Remmina from the terminal?
How to add a 'Host-only Adapter' to a VirtualBox machine via Vagrant file configuration?
How can I open an .mht file in linux (Ubuntu)?
Why does Vim ignore files in ~/.vim/after/ftplugin?